Skip to main content
McAfee Enterprise MVISION Cloud

Connected Apps for Microsoft 365

Connected Apps allows MVISION Cloud Incident Managers to discover third-party applications associated with Microsoft 365 and connected to your corporate environment via OAuth. Then it provides a workflow for you to manually remediate, audit, allow, or block Connected Apps access to user's data, to notify users via email of an app's status, and revoke access as needed.

For more general information on Connected Apps, see About Connected Apps. For information on creating and managing policies, see Connected Apps Policies. 

Supported Apps

MVISION Cloud uses Microsoft Graph API to access Connected Apps and user information. For details, see Overview of Microsoft Graph.

Microsoft Graph API supports the following Microsoft applications: 

  • Exchange
  • Microsoft Office
    • Excel
    • Outlook
    • PowerPoint
    • Word
  • OneDrive
  • OneNote
  • SharePoint
  • Teams

And all the add-ins that are available at Microsoft.com.

Enabled by Default

Connected Apps for Microsoft 365 is enabled by default when you integrate Microsoft 365 with MVISION Cloud. For details, see MVISION Cloud for Microsoft 365 Integration Workflow

Disable Connected Apps

You can disable Connected Apps if you do not want to use the feature. 

  1. Go to Settings > Service Management
  2. Select your Microsoft 365 instance. 
  3. On the Setup tab, and for API, click Edit
  4. Toggle Connected Apps to Disabled
    disable_connected_apps_o365.png
  5. In the Disabling a Feature confirmation dialog, click Disable
    disable_connected_apps_o365_confirm.png

Visibility of Office 365 Connected Apps

Connected Apps allows MVISION Cloud Incident Managers to discover third-party applications associated with Microsoft 365 and connected to your corporate environment via OAuth. For a Connected App to display in MVISION Cloud, an app must be granted access to the Office 365 corporate assets. This triggers an API event that MVISION Cloud uses to display the app. 

For some Office 365 apps, the integration method is different where no consent is granted from the user and no scopes are granted to the app. This means that the app does not have any access to the Office 365 assets and no data can be exfiltrated from Office 365 to the third-party app. These apps are not displayed in MVISION Cloud.

  • Was this article helpful?